Microsoft Defender Architect

Posted 1 day ago by Lorien

Negotiable
Inside
Onsite
London
We are currently hiring for a Microsoft Defender Architect to join one of our Insurance clients on a 6 month contract.

Inside IR35

Hybrid- one day a week onsite in the London office.

Responsibilities:

  • Deploy, configure, optimise and manage the Microsoft Defender XDR suite, with key focus on Defender for Cloud Apps (MDA).
  • Follow best practices to optimise and configure already deployed Defender for Identity (MDI), Defender for Office 365 (MDO), and Defender for Endpoint (MDE).
  • Implement security controls and threat protection policies to secure endpoints, identities, cloud applications, and collaboration tools.
  • Develop and enforce security baselines, policies, and procedures for proactive threat management across the Microsoft XDR product suite.
  • Identify opportunities to automate repetitive security tasks and optimize threat detection and response processes.
  • Create and maintain detailed process documentation, standard operating procedures (SOPs), and security runbooks for Defender XDR configurations, incident response, and automation workflows.
  • Analyse security alerts, contribute to investigation of incidents, and implement mitigation strategies.
  • Provide support to the Global SOC, Threat Intelligence, Insider Threat and Threat Hunting teams.
  • Collaborate with cross-functional teams (GRC, Cyber Offence, Enterprise Tech and more) to align security strategies with business objectives.

Experience

  • Microsoft Defender for Cloud Apps (MDCA):
      • Expertise in configuring and managing cloud security policies for SaaS applications.
      • Experience in shadow IT discovery, governance, and compliance enforcement.
      • Strong understanding of session controls and conditional access app controls.
  • Microsoft Defender for Identity (MDI):
      • Proficiency in detecting and responding to identity-based threats (e.g., lateral movement, pass-the-hash, domain dominance).
      • Experience integrating MDI with Sentinel for automated identity threat response.
  • Microsoft Defender for Office 365 (MDO):
      • Expertise in anti-phishing, anti-malware, and Safe Links/Safe Attachments policies.
      • Experience with automated investigation and remediation (AIR) and attack simulation training.
  • Microsoft Defender for Endpoint (MDE):
      • Strong knowledge of endpoint detection and response (EDR), threat and vulnerability management.
  • Hands-on experience with Logic Apps, KQL queries, and Sentinel playbooks for security automation.
  • Strong documentation skills for creating runbooks, SOPs, and security process workflows.

If this role is of interest or you would like to learn more, please apply now!

Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.